IP Address Design
IP address assignment needs to comply with the following rules:
- Uniqueness: Each host on an IP network must have a unique IP address. Even if Multiprotocol Label Switching (MPLS) or a Virtual Private Network (VPN) is used, it is recommended that different Virtual Routing and Forwarding (VRF) instances use different IP addresses.
- Contiguousness: Node addresses of the same service must be contiguous to facilitate route planning and summarization, which reduces the size of the routing table and speeds up route calculation and convergence. An aggregation switch may connect to multiple network segments. When allocating IP addresses, ensure that routes of these network segments can be summarized to reduce the number of routes on core devices.
- Scalability: IP addresses need to be reserved at each layer. When the network is expanded, no address segments or routes need to be added.
- Easy maintenance: Device and service address segments need to be clearly distinguished from each other, facilitating subsequent statistics monitoring and security protection based on address segments. If IP addresses are planned properly, you can determine the type of device to which an IP address belongs. IP address planning and VLAN planning can be associated. For example, the third byte of an IP address can be the same as the last three bits of a VLAN ID, which is easy to remember and facilitates management.
- It is recommended that internal hosts on a campus network use private IP addresses, and NAT devices be deployed at the campus egress to translate private IP addresses into public IP addresses so that the internal hosts can access the public network. A few devices in the DMZ and the Internet zone use public IP addresses.
The IP addresses of the campus network are classified into service, management, and interconnection IP addresses, as shown in Table 3-2.
| Category | Suggestion |
|---|---|
| Service IP address | Service addresses are the IP addresses of servers, hosts, and gateways. You are advised to use the same last digits for all gateway addresses. For example, gateways use IP addresses suffixed by .254. The address range of each service and the address ranges of the servers and clients must be clearly separated. The addresses of each type of service terminal must be contiguous and can be aggregated. Considering the scope of a broadcast domain and easy planning, it is recommended that an address segment with a 24-bit mask be reserved for each service. If the number of service terminals exceeds 200, an extra address segment with a 24-bit mask is assigned. |
| Management IP address | A Layer 2 device uses the VLANIF interface's IP address as the management IP address. It is recommended that all Layer 2 switches connected to a gateway be on the same network segment. It is recommended that a Layer 3 device use a Layer 3 interface for management and deployment. The interface address is used as the management IP address for local login and interworking with the SDN controller. |
| Interconnection IP address | An interconnection address refers to the IP address of an interface connected to another device's interface. It is recommended that an IP address with a 30-bit mask be used as the interconnection address. The core device uses the smaller IP address. The interconnection address is usually aggregated and advertised. During IP address planning, consider the use of contiguous IP addresses that can be aggregated. |
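
The following Python sketch is an added example, not part of the original guide. It checks a small address plan against the rules above: uniqueness (no overlapping segments), contiguousness (each category collapses into one summary route, a strict reading chosen for this example), 24-bit service masks with .254 gateways, and 30-bit interconnection links where the core device takes the smaller address. All segment names and prefixes in `PLAN` are constructed sample values.

```python
import ipaddress as ip

# Constructed sample plan; every name and prefix here is an assumption.
PLAN = {
    "service": {"office": "10.1.16.0/24", "voice": "10.1.17.0/24",
                "printer": "10.1.18.0/24", "guest": "10.1.19.0/24"},
    "management": {"agg1-switches": "10.1.250.0/24"},
    "interconnect": {"core-agg1": "10.1.255.0/30", "core-agg2": "10.1.255.4/30"},
}

def summarize(prefixes):
    """Contiguousness: collapse prefixes into the fewest summary routes."""
    return [str(n) for n in ip.collapse_addresses(map(ip.ip_network, prefixes))]

def gateway(prefix):
    """Service gateway at the .254 address of a /24, as in the table's example."""
    return str(ip.ip_network(prefix).network_address + 254)

def link_ends(prefix):
    """/30 interconnection link: the core device takes the smaller usable address."""
    core, peer = ip.ip_network(prefix).hosts()
    return str(core), str(peer)

def check_plan(plan):
    """Return a list of rule violations; an empty list means the plan passes."""
    findings = []
    nets = [(f"{cat}/{name}", ip.ip_network(p))
            for cat, segs in plan.items() for name, p in segs.items()]
    # Uniqueness: no two segments may overlap, whatever their category.
    for i, (a, x) in enumerate(nets):
        for b, y in nets[i + 1:]:
            if x.overlaps(y):
                findings.append(f"overlap: {a} and {b}")
    # Mask lengths recommended in the table: /24 per service, /30 per link.
    for label, net in nets:
        want = {"service": 24, "interconnect": 30}.get(label.split("/")[0])
        if want is not None and net.prefixlen != want:
            findings.append(f"mask: {label} is /{net.prefixlen}, expected /{want}")
    # Contiguousness (strict reading, an assumption): one summary per category.
    for cat, segs in plan.items():
        routes = summarize(segs.values())
        if len(routes) > 1:
            findings.append(f"{cat}: not summarizable into one route: {routes}")
    return findings

if __name__ == "__main__":
    print("findings:", check_plan(PLAN))
    print("service summary:", summarize(PLAN["service"].values()))
    print("office gateway:", gateway(PLAN["service"]["office"]))
    print("core-agg1 (core, peer):", link_ends(PLAN["interconnect"]["core-agg1"]))
```

Because the four service segments start on a /22 boundary, they collapse into a single route on the core; leaving a gap (for example, skipping 10.1.17.0/24) would leave multiple routes and be reported by `check_plan`.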